Java 1.6.0_31更新是否修复了Flashback木马问题?
作者:互联网
最新的OSX(OS X Lion 2012-002的Java)Java更新到1.6.0_31也是闪回恶意软件的错误修复?
该更新在here中描述为:
Multiple vulnerabilities exist in Java 1.6.0_29, the most serious of
which may allow an untrusted Java applet to execute arbitrary code
outside the Java sandbox. Visiting a web page containing a maliciously
crafted untrusted Java applet may lead to arbitrary code execution
with the privileges of the current user. These issues are addressed by
updating to Java version 1.6.0_31. Further information is available
via the Java website at
07001
解决方法:
它修复了Flashback用于安装自身的漏洞; this Gizmodo article提供了更多信息来检查:
1. Run the following command in Terminal:
defaults read /Applications/Safari.app/Contents/Info LSEnvironment
2. Take note of the value, DYLD_INSERT_LIBRARIES
3. Proceed to step 8 if you got the following error message:
"The domain/default pair of (/Applications/Safari.app/Contents/Info, LSEnvironment) does not exist"
如果你没有收到错误信息,那么,time to head to F-Secure for your fix.如果到目前为止你是干净的,你可以继续第八步:
8. Run the following command in Terminal:
defaults read ~/.MacOSX/environment DYLD_INSERT_LIBRARIES
9. Take note of the result. Your system is already clean of this variant if you got an error message similar to the following:
"The domain/default pair of (/Users/joe/.MacOSX/environment, DYLD_INSERT_LIBRARIES) does not exist"
如果您没有启用任何防病毒保护,您可能需要查看优秀(和免费)Sophos Home Edition
标签:malware,java 来源: https://codeday.me/bug/20190818/1692820.html